It might, but it depends on how well isolated Stripes' reflection code is. If it's bracketed by doPrivileged blocks, then it's no problem; we'd just need to make sure that Stripes.jar was granted the appropriate privileges in our pro-forma security policy.
Stripes does not have a single doPrivileged() code block in it. I did a full search.
/Janne
